PT-2015-7739 · Ntf+7 · Ntp+11

Jonathan Gardner · Published 2015-12-31 · Updated 2024-06-15 · CVE-2015-8138

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions

NTP versions 4.2.8p6 and earlier
NTP versions 4.3.x before 4.3.90
NTP (affected versions not specified) in multiple Cisco products

Description

The issue allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero, potentially causing a denial of service (DoS) condition or modifying the time being advertised by a device acting as a Network Time Protocol (NTP) server. This vulnerability exposes the possibility of a logic error.

Recommendations

For NTP versions 4.2.8p6 and earlier, update to version 4.2.8p6 or later.
For NTP versions 4.3.x before 4.3.90, update to version 4.3.90 or later.
For NTP in multiple Cisco products, refer to the Cisco bug for each affected product for available workarounds.
As a temporary workaround, consider restricting access to the NTP service to minimize the risk of exploitation.


Related Identifiers

ALT-PU-2017-2335
CESA-2016_0063
CVE-2015-8138
DLA-559-1
DSA-3629-1
MGASA-2016-0039
OPENSUSE-SU-2016_1292-1
OPENSUSE-SU-2024:10181-1
RHSA-2016:0063
RHSA-2016_0063
SUSE-SU-2016:1175-1
SUSE-SU-2016:1177-1
SUSE-SU-2016:1247-1
SUSE-SU-2016:1311-1
USN-3096-1

Affected Products

ALT Linux
CentOS
Cisco
Cisco IOS
Cisco IOS XE
Cisco IOS XR
Cisco Nexus
FreeBSD
NTP
Red Hat
SUSE
Ubuntu